#!/bin/bash
#
# 部署前端应用（HTTPS）
# 作者: 知汛项目组
# 最后更新: 2024-11-07

set -e

# 颜色定义
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
RED='\033[0;31m'
NC='\033[0m'

# 默认配置
PROJECT_DIR="/home/water/source_code/zhixun-uni-app"
DOMAIN="ws.waterism.tech"
HTTP_PORT="8081"
HTTPS_PORT="8444"

# 显示帮助
show_help() {
    cat << EOF
用法: $0 [选项]

部署知汛前端应用（支持HTTPS）

选项:
    --project-dir DIR  项目目录（默认: $PROJECT_DIR）
    --domain DOMAIN    域名（默认: $DOMAIN）
    --http-port PORT   HTTP端口（默认: $HTTP_PORT）
    --https-port PORT  HTTPS端口（默认: $HTTPS_PORT）
    --help             显示此帮助信息

示例:
    # 使用默认配置部署
    bash $0

    # 指定项目目录
    bash $0 --project-dir /path/to/zhixun-uni-app
EOF
}

# 解析参数
while [[ $# -gt 0 ]]; do
    case $1 in
        --project-dir)
            PROJECT_DIR="$2"
            shift 2
            ;;
        --domain)
            DOMAIN="$2"
            shift 2
            ;;
        --http-port)
            HTTP_PORT="$2"
            shift 2
            ;;
        --https-port)
            HTTPS_PORT="$2"
            shift 2
            ;;
        --help)
            show_help
            exit 0
            ;;
        *)
            echo -e "${RED}未知参数: $1${NC}"
            show_help
            exit 1
            ;;
    esac
done

echo "======================================"
echo "部署前端应用（HTTPS）"
echo "======================================"
echo "项目目录: $PROJECT_DIR"
echo "域名: $DOMAIN"
echo "HTTP端口: $HTTP_PORT"
echo "HTTPS端口: $HTTPS_PORT"
echo ""

# 检查项目目录
if [ ! -d "$PROJECT_DIR" ]; then
    echo -e "${RED}✗ 项目目录不存在: $PROJECT_DIR${NC}"
    exit 1
fi

cd "$PROJECT_DIR"

# 检查 docker-compose.yml
if [ ! -f "docker-compose.yml" ]; then
    echo -e "${RED}✗ docker-compose.yml 不存在${NC}"
    exit 1
fi

echo -e "${GREEN}✓ 项目目录检查通过${NC}"

# 检查SSL证书
echo ""
echo -e "${YELLOW}[1/4] 检查SSL证书...${NC}"

SSL_DIR="/opt/ssl/zhixun-app"
if [ ! -d "$SSL_DIR" ]; then
    echo -e "${YELLOW}创建SSL目录: $SSL_DIR${NC}"
    sudo mkdir -p "$SSL_DIR"
fi

CERT_SOURCE="/etc/letsencrypt/live/$DOMAIN"
if [ -d "$CERT_SOURCE" ]; then
    echo -e "${YELLOW}复制证书文件...${NC}"
    sudo cp "$CERT_SOURCE/fullchain.pem" "$SSL_DIR/"
    sudo cp "$CERT_SOURCE/privkey.pem" "$SSL_DIR/"
    sudo chmod 644 "$SSL_DIR/fullchain.pem"
    sudo chmod 600 "$SSL_DIR/privkey.pem"
    echo -e "${GREEN}✓ SSL证书已准备${NC}"
else
    echo -e "${RED}✗ 证书不存在: $CERT_SOURCE${NC}"
    echo ""
    echo "请先申请证书:"
    echo "  sudo bash scripts/ssl-setup/apply-certificate.sh --domain $DOMAIN --email your@email.com"
    exit 1
fi

# 构建前端
echo ""
echo -e "${YELLOW}[2/4] 构建前端...${NC}"

if [ ! -f "package.json" ]; then
    echo -e "${RED}✗ package.json 不存在${NC}"
    exit 1
fi

# 检查是否已安装依赖
if [ ! -d "node_modules" ]; then
    echo -e "${YELLOW}安装依赖...${NC}"
    npm install
fi

echo -e "${YELLOW}构建生产版本...${NC}"
npm run build:h5

if [ $? -ne 0 ]; then
    echo -e "${RED}✗ 构建失败${NC}"
    exit 1
fi

echo -e "${GREEN}✓ 构建成功${NC}"

# 启动Docker容器
echo ""
echo -e "${YELLOW}[3/4] 启动Docker容器...${NC}"

# 检查是否已有容器运行
if docker ps | grep -q zhixun-app; then
    echo -e "${YELLOW}停止现有容器...${NC}"
    docker-compose down
fi

echo -e "${YELLOW}启动容器...${NC}"
docker-compose up -d zhixun-app

if [ $? -ne 0 ]; then
    echo -e "${RED}✗ 容器启动失败${NC}"
    exit 1
fi

# 等待容器启动
echo -e "${YELLOW}等待服务启动...${NC}"
sleep 5

echo -e "${GREEN}✓ 容器已启动${NC}"

# 验证部署
echo ""
echo -e "${YELLOW}[4/4] 验证部署...${NC}"

# 检查HTTP端口
if curl -s -o /dev/null -w "%{http_code}" "http://localhost:$HTTP_PORT" | grep -q "200\|301\|302"; then
    echo -e "${GREEN}✓ HTTP服务正常 (端口 $HTTP_PORT)${NC}"
else
    echo -e "${RED}✗ HTTP服务异常${NC}"
fi

# 检查HTTPS端口
if curl -k -s -o /dev/null -w "%{http_code}" "https://localhost:$HTTPS_PORT" | grep -q "200\|301\|302"; then
    echo -e "${GREEN}✓ HTTPS服务正常 (端口 $HTTPS_PORT)${NC}"
else
    echo -e "${RED}✗ HTTPS服务异常${NC}"
fi

# 检查Docker容器状态
echo ""
echo "容器状态:"
docker ps | grep zhixun-app

echo ""
echo -e "${GREEN}✓ 部署完成${NC}"
echo ""
echo "访问地址:"
echo "  HTTP:  http://$DOMAIN:$HTTP_PORT"
echo "  HTTPS: https://$DOMAIN:$HTTPS_PORT"
echo ""
echo "查看日志:"
echo "  docker logs -f zhixun-app"

